elia/blog.lazkani.io
1
0
Fork 0
Code Issues Pull requests Packages 1 Wiki Activity

fix(): Migrates the image to DinD
All checks were successful
continuous-integration/drone/push Build is passing
Details

Browse source
This commit is contained in:
Elia el Lazkani 2023-07-03 00:18:50 +02:00
parent ebf56ec026
commit 90c5bf6354
1 changed files with 8 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
.drone.yml
View file

@ -38,21 +38,25 @@ steps:
repo: scm.project42.io/elia/blog
dry_run: true
squash: true
purge: false
tags:
- "${DRONE_COMMIT_SHA:0:8}"
depends_on:
- clean-up-images
- name: trivy-scan
image: docker.io/aquasec/trivy:latest
image: docker:dind
volumes:
- name: dockersock
path: /var/run/docker.sock
commands:
- export TRIVY_VERSION=$(wget -qO - "https://api.github.com/repos/aquasecurity/trivy/releases/latest" | grep '"tag_name":' | sed -E 's/.*"v([^"]+)".*/\1/')
- echo "$TRIVY_VERSION"
- export TRIVY_URL=$(printf "https://github.com/aquasecurity/trivy/releases/download/v%s/trivy_%s_Linux-64bit.tar.gz" "$TRIVY_VERSION" "$TRIVY_VERSION")
- echo "$TRIVY_URL"
- wget --no-verbose "$TRIVY_URL" -O - | tar -zxvf -
- docker build -t "scm.project42.io/elia/blog:${DRONE_COMMIT_SHA:0:8}" .
- trivy image --exit-code 0 "scm.project42.io/elia/blog:${DRONE_COMMIT_SHA:0:8}"
- trivy image --exit-code 1 --severity CRITICAL "scm.project42.io/elia/blog:${DRONE_COMMIT_SHA:0:8}"
- ./trivy image --exit-code 0 "scm.project42.io/elia/blog:${DRONE_COMMIT_SHA:0:8}"
- ./trivy image --exit-code 1 --severity CRITICAL "scm.project42.io/elia/blog:${DRONE_COMMIT_SHA:0:8}"
- docker rmi "scm.project42.io/elia/blog:${DRONE_COMMIT_SHA:0:8}"
depends_on:
- test-build-container